fix: initial release with complete automation

yordis · yordis · commit 4bee768df325 · 2025-11-02T04:15:33.000-05:00
- Set up release-please workflow for automated releases
- Configure CD workflow for build and attestation
- Use patch versioning only (no minor bumps)
- Add PR title validation with PAT token
- Configure attestations and SBOM generation
- Add DCO support for release-please commits
diff --git a/.github/release-please-config.json b/.github/release-please-config.json
@@ -4,8 +4,8 @@
       "package-name": "@trogonstack/aipm",
       "release-type": "node",
       "changelog-path": "CHANGELOG.md",
-      "bump-minor-pre-major": true,
-      "bump-patch-for-minor-pre-major": true,
+      "bump-minor-pre-major": false,
+      "bump-patch-for-minor-pre-major": false,
       "extra-files": ["package.json"],
       "changelog-sections": [
         { "type": "feat", "section": "Features", "hidden": false },
diff --git a/.github/release-please-manifest.json b/.github/release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-  ".": "0.1.0"
+  ".": "0.4.0"
 }
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -0,0 +1,49 @@
+name: CD
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: write
+  attestations: write
+  id-token: write
+
+jobs:
+  build-and-upload:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: oven-sh/setup-bun@v2
+
+      - name: Install dependencies
+        run: bun install
+
+      - name: Build all platforms
+        run: bun run build:all
+
+      - name: Generate artifact attestations
+        uses: actions/attest-build-provenance@v2
+        with:
+          subject-path: dist/*
+
+      - name: Generate SBOM
+        uses: anchore/sbom-action@v0
+        with:
+          path: ./
+          artifact-name: sbom-spdx.json
+          output-file: ./sbom-spdx.json
+
+      - name: Attest SBOM
+        uses: actions/attest-sbom@v2
+        with:
+          subject-path: 'dist/*'
+          sbom-path: './sbom-spdx.json'
+
+      - name: Upload release artifacts
+        uses: softprops/action-gh-release@v1
+        with:
+          files: |
+            dist/*
+            sbom-spdx.json
diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml
@@ -17,7 +17,7 @@ jobs:
     steps:
       - uses: amannn/action-semantic-pull-request@v5.4.0
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GH_PAT_RELEASE_PLEASE_ACTION }}
         with:
           types: |
             feat
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
@@ -8,67 +8,13 @@ on:
 permissions:
   contents: write
   pull-requests: write
-  attestations: write
-  id-token: write
 
 jobs:
   release-please:
     runs-on: ubuntu-latest
-    outputs:
-      release_created: ${{ steps.release.outputs.release_created }}
-      tag_name: ${{ steps.release.outputs.tag_name }}
     steps:
       - uses: googleapis/release-please-action@v4
-        id: release
         with:
-          token: ${{ secrets.GH_PAT_RELEASE_PLEASE_ACTION }}
           config-file: .github/release-please-config.json
           manifest-file: .github/release-please-manifest.json
-          skip-github-release: true
-
-  build-and-upload:
-    needs: release-please
-    if: ${{ needs.release-please.outputs.release_created }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: oven-sh/setup-bun@v2
-
-      - name: Install dependencies
-        run: bun install
-
-      - name: Build all platforms
-        run: bun run build:all
-
-      - name: Generate artifact attestations
-        uses: actions/attest-build-provenance@v2
-        with:
-          subject-path: dist/*
-
-      - name: Generate SBOM
-        uses: anchore/sbom-action@v0
-        with:
-          path: ./
-          artifact-name: sbom-spdx.json
-          output-file: ./sbom-spdx.json
-
-      - name: Attest SBOM
-        uses: actions/attest-sbom@v2
-        with:
-          subject-path: 'dist/*'
-          sbom-path: './sbom-spdx.json'
-
-      - name: Create release with all artifacts at once
-        env:
-          GH_TOKEN: ${{ github.token }}
-        run: |
-          TAG="${{ needs.release-please.outputs.tag_name }}"
-
-          # Create release with all artifacts at once (compatible with immutable releases)
-          gh release create "$TAG" \
-            --title "$TAG" \
-            --notes "See [CHANGELOG.md](https://github.com/${{ github.repository }}/blob/$TAG/CHANGELOG.md) for details" \
-            --verify-tag \
-            dist/* \
-            sbom-spdx.json
+          token: ${{ secrets.GH_PAT_RELEASE_PLEASE_ACTION }}
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@trogonstack/aipm",
-  "version": "0.1.0",
+  "version": "0.4.0",
   "description": "AI Plugin Manager - Plugin manager for AI coding assistants (Claude Code, Cursor, and more). Sync plugins from multiple marketplaces.",
   "type": "module",
   "homepage": "https://github.com/TrogonStack/aipm",

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`{`
`2`		`- ".": "0.1.0"`
	`2`	`+ ".": "0.4.0"`
`3`	`3`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@trogonstack/aipm",`
`3`		`- "version": "0.1.0",`
	`3`	`+ "version": "0.4.0",`
`4`	`4`	`"description": "AI Plugin Manager - Plugin manager for AI coding assistants (Claude Code, Cursor, and more). Sync plugins from multiple marketplaces.",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"homepage": "https://github.com/TrogonStack/aipm",`